#!/bin/bash

# 临时启用tcp-syn-cookies
echo 1 > /proc/sys/net/ipv4/tcp_syncookies

# 永久启用tcp-syn-cookies
if grep -q "^net.ipv4.tcp_syncookies" /etc/sysctl.conf; then
    sed -i 's/^net.ipv4.tcp_syncookies.*/net.ipv4.tcp_syncookies=1/' /etc/sysctl.conf
else
    echo "net.ipv4.tcp_syncookies=1" >> /etc/sysctl.conf
fi

# 应用配置
sysctl -p >/dev/null 2>&1

echo "tcp-syn-cookies配置完成"